![](/img/trans.png)
[英]Unable to decrypt a string in C# which is encrypted with RSA public key in Node.js
[英]Using node.js to decrypt data encrypted using c#
我现在面临一个问题,需要你们的帮助。
我使用 c# 来做一些加密。 然后需要使用 node.js 来解密。 但是我刚刚发现根据我的 c# 加密算法我无法正确地做到这一点。 如果你们有任何解决方案,请帮助我。
这是我的 c# 加密代码:
public static string Encrypt(string text, String password, string salt, string hashAlgorithm, int passwordIterations, string initialVector, int keySize)
{
if (string.IsNullOrEmpty(text))
return "";
var initialVectorBytes = Encoding.ASCII.GetBytes(initialVector);
var saltValueBytes = Encoding.ASCII.GetBytes(salt);
var plainTextBytes = Encoding.UTF8.GetBytes(text);
var derivedPassword = new PasswordDeriveBytes(password, saltValueBytes, hashAlgorithm, passwordIterations);
var keyBytes = derivedPassword.GetBytes(keySize / 8);
var symmetricKey = new RijndaelManaged();
symmetricKey.Mode = CipherMode.CBC;
byte[] cipherTextBytes = null;
using (var encryptor = symmetricKey.CreateEncryptor(keyBytes, initialVectorBytes))
{
using (var memStream = new MemoryStream())
{
using (var cryptoStream = new CryptoStream(memStream, encryptor, CryptoStreamMode.Write))
{
cryptoStream.Write(plainTextBytes, 0, plainTextBytes.Length);
cryptoStream.FlushFinalBlock();
cipherTextBytes = memStream.ToArray();
memStream.Close();
cryptoStream.Close();
}
}
}
symmetricKey.Clear();
return Convert.ToBase64String(cipherTextBytes);
}
public static string Decrypt(string text, String password, string salt, string hashAlgorithm, int passwordIterations, string initialVector, int keySize)
{
if (string.IsNullOrEmpty(text))
return "";
var initialVectorBytes = Encoding.ASCII.GetBytes(initialVector);
var saltValueBytes = Encoding.ASCII.GetBytes(salt);
var cipherTextBytes = Convert.FromBase64String(text);
var derivedPassword = new PasswordDeriveBytes(password, saltValueBytes, hashAlgorithm, passwordIterations);
var keyBytes = derivedPassword.GetBytes(keySize / 8);
var symmetricKey = new RijndaelManaged();
symmetricKey.Mode = CipherMode.CBC;
var plainTextBytes = new byte[cipherTextBytes.Length];
var byteCount = 0;
using (var decryptor = symmetricKey.CreateDecryptor(keyBytes, initialVectorBytes))
{
using (var memStream = new MemoryStream(cipherTextBytes))
{
using (var cryptoStream = new CryptoStream(memStream, decryptor, CryptoStreamMode.Read))
{
byteCount = cryptoStream.Read(plainTextBytes, 0, plainTextBytes.Length);
memStream.Close();
cryptoStream.Close();
}
}
}
symmetricKey.Clear();
return Encoding.UTF8.GetString(plainTextBytes, 0, byteCount);
}
如果有人可以为我提供与 nodejs 相同的功能,那将非常有帮助。 无论如何,感谢您阅读这篇文章。
首先,我们将使用Node.js执行PasswordDeriveBytes
函数。 这是crypto.pbkdf2
:
// assumes HMAC-SHA1
crypto.pbkdf2(password, salt, iterations, keySize / 8, function(err, key) {
if(err) /* handle error */
// ...
});
接下来,使用crypto.createDecipheriv
创建一个解密器:
// find algorithm from the available ciphers; see crypto.getCiphers()
var decipher = crypto.createDecipheriv(/* algorithm */, key, initialVector);
然后使用decipher.update
和decipher.final
向其提供数据。 他们会将部分解密数据返回给您。
在完全相同的情况下,我能够使用上面@icktoofay提供的代码获得成功的“ C#加密=>节点解密”解决方案, 但用PasswordDeriveBytes替换为Rfc2898DeriveBytes
我的代码大致是:
C#
private byte[] saltBytes = ASCIIEncoding.ASCII.GetBytes(salt);
public string Encrypt<T>(string value, string password) where T: SymmetricAlgorithm, new() {
byte[] valueBytes = UTF8Encoding.UTF8.GetBytes(value);
byte[] encrypted = null;
using (T cipher = new T()) {
var db = new Rfc2898DeriveBytes(password, saltBytes);
db.IterationCount = iterationsConst;
var key = db.GetBytes(keySizeConst / 8);
cipher.Mode = CipherMode.CBC;
using (ICryptoTransform encryptor = cipher.CreateEncryptor(key, vectorBytes)) {
using (MemoryStream ms = new MemoryStream()) {
using (CryptoStream cs = new CryptoStream(ms, encryptor, CryptoStreamMode.Write)) {
cs.Write(valueBytes, 0, valueBytes.Length);
cs.FlushFinalBlock();
encrypted = ms.ToArray();
}
}
}
cipher.Clear();
}
return Convert.ToBase64String(encrypted);
}
JavaScript的:
var crypto = require('crypto');
var base64 = require('base64-js');
var algorithm = 'AES-256-CBC';
[...]
var saltBuffer = new Buffer(salt);
var passwordBuffer = new Buffer(password);
[...]
var encodedBuffer = new Buffer(base64.toByteArray(encryptedStringBase64Encoded));
crypto.pbkdf2(passwordBuffer, saltBuffer, iterations, keySize / 8, function(err, key) {
var decipher = crypto.createDecipheriv(algorithm, key, iv);
var dec = Buffer.concat([decipher.update(encodedBuffer), decipher.final()]);
return dec;
});
实际上是我在Internet上找到的一些示例的结合。
因为在某些特定情况下(在编码字符串的开头为“ +”号),我对Buffer的Base64实现存在问题,所以我使用了https://github.com/beatgammit/base64-js中的 base64-js似乎工作正常。
问题是,PasswordDeriveBytes 没有实现 pbkdf2,而是 pbkdf1 (PKCS #5 v2.1) 的修改版本。 有关更多信息,请参阅此什么是算法背后的密码derivebytes。
注意:PasswordDeriveBytes 构造函数的默认值是迭代 = 100 和 hashAlgorithm = "sha1"
这是我在 javascript/typescript 中实现这个算法的方法:
export function deriveBytesFromPassword(password: string, salt: Buffer, iterations: number, hashAlgorithm: string, keyLength: number) {
if (keyLength < 1) throw new Error("keyLength must be greater than 1")
if (iterations < 2) throw new Error("iterations must be greater than 2")
const passwordWithSalt = Buffer.concat([Buffer.from(password, "utf-8"), salt])
const hashMissingLastIteration = hashKeyNTimes(passwordWithSalt, iterations - 1, hashAlgorithm)
let result = hashKeyNTimes(hashMissingLastIteration, 1, hashAlgorithm)
result = extendResultIfNeeded(result, keyLength, hashMissingLastIteration, hashAlgorithm)
return result.slice(0, keyLength)
}
function hashKeyNTimes(key: Buffer, times: number, hashAlgorithm: string): Buffer {
let result = key
for (let i = 0; i < times; i++) {
result = crypto.createHash(hashAlgorithm).update(result).digest()
}
return result
}
function extendResultIfNeeded(result: Buffer, keyLength: number, hashMissingLastIteration: Buffer, hashAlgorithm: string): Buffer {
let counter = 1
while (result.length < keyLength) {
result = Buffer.concat([result, calculateSpecialMicrosoftHash(hashMissingLastIteration, counter, hashAlgorithm)])
counter++
}
return result
}
function calculateSpecialMicrosoftHash(hashMissingLastIteration: Buffer, counter: number, hashAlgorithm: string): Buffer {
// Here comes the magic: Convert an integer that increases from call to call to a string
// and convert that string to utf-8 bytes. These bytes are than used to slightly modify a given base-hash.
// The modified hash is than piped through the hash algorithm.
// Note: The PasswordDeriveBytes algorithm converts each character to utf-16 and then drops the second byte.
const prefixCalculatedByCounter = Buffer.from(counter.toString(), "utf-8")
const inputForAdditionalHashIteration = Buffer.concat([prefixCalculatedByCounter, hashMissingLastIteration])
return crypto.createHash(hashAlgorithm).update(inputForAdditionalHashIteration).digest()
}
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.